4 matches found
CVE-2026-32710 Heap-based Buffer Overflow in MariaDB
MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...
CVE-2024-35239 Stored Cross-site Scripting on Components of Umbraco Forms
Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of th...
PT-2020-9722 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 12.2.2 and earlier Description: The issue allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline. Recommendations: For GitLab versions 12.2.2 and earlier, update t...
Oracle Enterprise Manager Ops Center Component Remote Vulnerability
Oracle Enterprise Manager Products Suite is a set of Oracle's on-premise management platform. Enterprise Manager Ops Center is one of the enterprise data center monitoring and management components. A security vulnerability exists in the Framework subcomponent of the Enterprise Manager Ops Center...